Sunday, November 2, 2014

Introduction to Cryptography - Definitions

Encryption is used in many places. We can use encryption for data at rest or for data in transit. However, the encryption technology used can vary. Here we will perform some basic cryptography through a couple of tasks. The idea behind these tasks is just to get our feet wet with some simple cryptographic methods. Before we move forward, let's get some terminology out of the way.

Block & Stream Ciphers

Both stream and block ciphers are used for encrypting data, and both are
used in symmetric cryptography. They differ in that a stream cipher
encrypts one byte of data at a time, as is done in RC4, while a block
cipher encrypts a block of data at a time. Examples of block size include DES,
which is 56 bits; Triple DES, 168 bits; and AES, which is 128 bits (pic.dhe.ibm.com).

Substitution Ciphers

This is a method of encryption in which units of plaintext are replaced
with ciphertext according to a regular system. These units may be single
letters, pairs of letters, etc. In addition, the units of the “plaintext are
retained in the same sequence in the ciphertext, but the units themselves are
altered” (princeton.edu).

Some types of substitution cipher are simple substitution, polygraphic, and
monoalphabetic ciphers. The most popular substitution cipher is the Caesar cipher.

Transposition Ciphers

The data in a transposition cipher is rearranged in a different order but the
data itself is not changed (princeton.edu).
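
The contrast between the substitution and transposition definitions above, as an added example that is not part of the original post: a Caesar shift and a simple columnar transposition applied to the same message. The sample message, shift, key, and helper names are constructed for illustration.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase
SAMPLE = "ATTACKATDAWN"  # constructed sample plaintext

def caesar(text, shift):
    """Substitution: every letter is replaced, its position is kept."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + shift) % 26] if ch in ALPHABET else ch
        for ch in text
    )

def column_order(key):
    """Columns are read in alphabetical order of the key letters."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def columnar_encrypt(text, key):
    """Transposition: write rows under the key, read out column by column."""
    return "".join(text[c::len(key)] for c in column_order(key))

def columnar_decrypt(cipher, key):
    """Put each column back; the last row may be short, so sizes differ."""
    plain, pos = [""] * len(cipher), 0
    for c in column_order(key):
        size = len(range(c, len(cipher), len(key)))
        plain[c::len(key)] = cipher[pos:pos + size]
        pos += size
    return "".join(plain)

def letter_pattern(text):
    """Index of each letter's first appearance; unchanged by substitution."""
    first = {}
    return [first.setdefault(ch, len(first)) for ch in text]

if __name__ == "__main__":
    sub = caesar(SAMPLE, 3)
    trans = columnar_encrypt(SAMPLE, "KEY")
    print(sub, caesar(sub, -3))
    print(trans, columnar_decrypt(trans, "KEY"))
    # Substitution keeps the sequence pattern but changes the letters.
    print(letter_pattern(sub) == letter_pattern(SAMPLE), Counter(sub) == Counter(SAMPLE))
    # Transposition keeps the letters but changes the sequence.
    print(letter_pattern(trans) == letter_pattern(SAMPLE), Counter(trans) == Counter(SAMPLE))
```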

Symmetric encryption is also
called secret key encryption. In this method of encryption, a single key is
used for encrypting and decrypting the traffic.

While symmetric encryption uses
one key for encryption and decryption, asymmetric encryption uses two related
keys, a key pair (support.microsoft.com, 2007). The two
keys involved in asymmetric encryption are known as the private and public keys.
The private key is known only by its owner, while the public key can be and
usually is shared.

Advantages of symmetric encryption

Algorithms are relatively inexpensive to process (pic.dhe.ibm.com)
Can be highly effective when implemented in hardware

Disadvantages of symmetric encryption

A major drawback is exchanging the private keys (pic.dhe.ibm.com)
Managing a large number of keys can become problematic

Advantages of asymmetric encryption

Key distribution is easier to manage
Key management is easier to implement

Disadvantages of asymmetric encryption

Much slower than symmetric algorithms (Garloff, 2000)
Two keys are needed instead of one

It is important to distribute keys
out of band in symmetric encryption because one key is used for both
encryption and decryption. If this key is compromised or obtained by an
unauthorized person, the encrypted data can be easily read.

Hash Functions: A hash function is an algorithm that
takes a chunk of data and converts it into a fixed-size result. The result of
applying the algorithm to a chunk of data is called the hash value (Hoffman, 2005). This hash value provides a fingerprint for the message’s contents,
which ensures that the message has not been altered by an intruder, virus or
other means (Northcutt).
